RSA Creating RFID Blocker Tag
burgburgburg writes "RSA is introducing a new RFID cloaking system to guard secret data. The RSA Blocker Tag technology uses a jamming system designed to confuse RFID readers and prevent those devices from tracking data on individuals or goods outside certain boundaries. At its security conference, RSA demonstrated the blocking technology in a pharmacy setting. The pharmacist provides your prescription in a special bag with the Blocker tags. When the drugs are in the bag, RFID readers are blocked. Take them out, they're readable. The tags work by emitting radio frequencies that fool RFID readers into thinking they're receiving unwanted data, causing them to shun data from that source. RSA promises that this new technology will not interfere with the normal operation of RFID systems or allow hackers to use security technology to bypass theft-control systems or launch denial-of-service attacks." Maybe it's just me, but this seems to not address any of the important RFID issues at all.
RSA promises that this new technology will not interfere with the normal operation of RFID systems or allow hackers to use security technology to bypass theft-control systems.
I think this kind of technology is asking to be abused. Just like the cell fone signal jammers.
Consensus is good, but informed dictatorship is better
So once stores are using automated RFID-reading-Visa-charging tills instead of employing humans, you be able to get one of these bags, fill it with goodies, and walk out without paying?
Sounds good to me.
SteveB.
I probably would wind up getting sued. I guess you have to have a business plan to be able to jam signals without fear of prosecution (mostly kidding here).
It does seem like a reasonable application but, as the story says, isn't intended to address the broad range of objections. Still, protecting privacy of medical information is a step in the right direction... and what's to prevent me from applying it elsewise?
Why not simply make the bag out of a material that simply dampens radio signals, opposed to sending out additional, confusing signals? It's a technique used to keep security sensors from detecting RFID security tags. And the substances that work are ..reasonably commonplace.
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
Why not just pull out the RFID?
What I want is to be able to disable the damm tags on anything I've already purchased and taken home!
-MattT *** Not speaking for my employer, or any other sentient beings ***
The same thing that keeps them from doing it now (hint: it's not RFID).
Stupid sexy Flanders.
Essentially, the blocker tag system works by tricking readers that all the possible RFID tags are present at a given time. Because RFID readers can communicate with only one tag at a time, when multiple tags reply to a single query, the reader detects a collision.
When that happens, the reader tries to communicate with each tag individually, asking each for its next bit, which identifies the portion of a binary tree the tag resides on. However, when queried in the presence of a blocker tag, the blocker tag also responds, but with a "0" and a "1" bit, confusing the reader and preventing it from getting valid responses.
So couldn't you just always have a blocker tag with you at all times? Say you build one of these into your watch, for instance. Wouldn't that make a store's entire RFID system useless for the items you're carrying?
Also, blocker tags in bags don't do anything to protect your privacy once you take the item out of the bag; so if the RFID tag is on clothing, it would still be active while you're wearing it, but not while you're walking out of the store with it. Something about that definitely doesn't seem right.
Not to mention a whole host of other problems. Seems RSA is looking for a new business model, seeing as their compression patent expired.
The most important things that keeps the vast majority of shoppers from stealing DVDs, or anything else for that matter, are honesty and morals.
Stupid sexy Flanders.
we like to call it the microwave
[Fuck Beta]
o0t!
...I'm sure that they'll find some law, like the DMCA, to use against anyone who dares try to assert this bizarre "privacy right". If no law can currently be manipulated into supporting their agenda, they'll write a new one and pay Congress to enact it.
STOP MISUSING APOSTROPHES, YOU MORONS!!!
Maybe it's just me, but this seems to not address any of the important RFID issues at all.
Why would this address any of the important issues. The important issues are based in policy, not technology. Technology enforces policy.
And I claim my RFID tag is for rights management and you go to jail. Easily solved. Come to think of it if you look suspicious I'm sure something like "going equipped to steal" would do for the carrier or nonsense like "accessory to a crime" to the manufacturer 8)
Strange how DVD copying software is being ruled illegal as it might be used to commit a crime while high velocity rifle rounds that penetrate police armour and kill people are not.
I guess Mickey Mouse is worth more than a pile of dead fbi men.
"Combine that with RFIDs scanned as they leave the store, returning to the car, and I think we will have an incredible insight into the nature of those people's purchases."
You think that's bad? Imagine a bomb which explodes when it detects the RFID tag in an American passport nearby.
RFID and/or barcodes on drugs can prevent errors in hospitals which cause many deaths per year in the US (dont have actual stats handy). In fact, it will soon be a requiremen that all drugs be barcoded in hospitals. If a drug is scanned before it is administered, and that scan is compared with a scan of the patients hospital wristband, incorrect drug and dosages can easily be caught. Prescription orders can be entered into the computer and verified by electronic signature, also eliminating mistakes due to sloppy handwriting.
RFIDs arent meant to solely deter shoplifting. Hell, you can rip the security tags off.
They're more about inventory and process control. Store managers want to be able to walk down the aisle with their RFID-scanning laptop and instantly know how many of each item are there. Or, misplaced items can shout "hey, I'm on the wrong shelf!"
Or honest shoppers can take their stuff up to the self-checkout area, and the screen shows you whats in your bag and you sign off on it, rather than having to scan and rebag everything.
And, of course, the paranoid will tell you its so the CIA can scan you from a plain white van and know what kind of deoderant you use.
Shoplifters and thieves will always find a way around the system, so it doesn't matter.
I don't need no instructions to know how to rock!!!!
The problem with all of this stuff is that I have no way to check any of it for myself. How do I know that the "blocker bag" they gave me works? How do I know that someone won't start a business of supplying cheap substitutes, for businesses that want to pacify their customers, that look like real blocker bags but don't do anything? What do I look for? The genuine RSA seal? What if the pharmacist hands me a bag that has some other company's seal on it? Do I trust it?
Will there be a TRUSTe seal on the bag to tell me that I can trust the company that made the bag... just like the TRUSTe seal that certified that eToys would never sell their customer list?
Suppose I have a genuine RSA-branded blocker bags with an authentic non-counterfeitable TRUSTe hologram on it. How do I know it's working properly? Will the pharmacy supply a "blocker bag scanner," like the price-checking guns in Walmart, that let me verify that the blocker bag is actually working? Will the blocker bag scanner have a Commonwealth of Massachusetts weights-and-measures sticker on it to assure me that it's working properly?
If the answer is that I should just trust the pharmacist to be telling the truth when he says it's a blocker bag... well, why shouldn't I just trust the pharmacy not to do anything bad with the data they are capturing from all the RFID tags I'm wearing?
Just because CVS/Pharmacy gave a marketing firm a list of diabetic customers to sell to companies marketing products for diabetics doesn't mean they'd ever do such a thing again. Heck, that was way way back in dark ages... 1998.
These companies are all like Lucy holding the football for Charlie Brown. Trust us, trust us, trust us... even though we've betrayed your trust over and over again in the past, we'll never do it again.
"How to Do Nothing," kids activities, back in print!
Strange? No. The firearms industry has lots of money, the movie industry has lots of money, and politicians want lots of money. It makes perfect sense to me.
In the meantime, I'll continue buying both as I damn well see fit (although to date I've not seen fit to buy either).
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
The DVD copying software (DVD Xcopy i presume, as thats the one that was in the news recently) was ruled illegal because it circumvented copy protection measures, and under current statutes (DMCA) its an open-and-shut case, there isnt much else the Judge could have done. It didnt make 1:1 backup copies, because it did two things: transcoded the contents to make it fit, and allowed you to choose what you wanted copied. If it could make 1:1 copies, and that was all it did, then it would probably have passed ok, as it didnt surcumvent any acts. Dont blame me, dont blame the judge, blame the person who signed the law.
Conceivably, RFID tags could be constantly tracked in store and raise a red flag to security if they disappear.
Not sure if that would do any good. Someone goes into a store and grabs something with an RFID, places it in their foil lined hidden inner pocket in their jacket, and walks out. When the item goes off the RFID master radar image, it maybe sets off an alert, so then someone has to physically walk to the shelf to see what happened. By then, the thief is long gone. Plus, they aren't exactly super high-power devices, I'm sure they occasionally don't hear the query or respond back in time, so you'd get lots of false alarms.
If you can read this then I forgot to check "Post Anonymously"
Excuse me, but why would they put RFID tags on items like medicines and then design bags to block them from the view of the RFID system? Why not, uh...just not tag them in the first place?
The more I read about this RFID thing, the more I'm thinking the idea just hasn't come along to the point where it has to be. Obviously, if these issues are getting discussed at a high level, we need to put something in place that's a bit more targetted to the problem: we want to be able to read items for a specific purpose, and no other purpose. Walk out of a store with items, get automatically charged to the credit card = good. Someone sitting in the parking lot with an RFID reader able to tell you just walked out with Preparation H, herpes medication, and a coffee enema kit = bad.
I'm betting that the propeller-heads among us have the capability to solve this problem, technologically I'm talking. Also, do we have to start out tagging everything? Why not just tag the non-controversial items? Let's not start with the Complete Homeopathic Colon Invasion Toolkit (TM), or people themselves. Let's start with something a bit more pedestrian and refine things from there...
sev
but have you considered the following argument: shut up.
Armor piercing rounds generally have steel cores. The main use of steel core ammunition in the US is for cheap surplus rounds sold and mainly used for target practice.The don't make good rounds for hunting (or assassination) as they tend to pass through the target without shedding much energy. Good rounds for hunting are soft-tipped or hollow core and expand and stay in the animal. That way they transmit the most energy and create a more lethal wound channel.
...
If you consider the size of a buck deer, moose, or elk it quickly becomes apparent that if you allow sportsmen to hunt these animals, then you must have appropriate ammunition available that will dispatch them with a high probability with one shot. If you look at the rounds used in the past to hunt elephants you'll see they are huge are in fact not very common, and the rifles that can fire them are quite expensive, and even more uncommon. And, if you disallow hunting, then you have to reintroduce natural predators for game animal population control; look at New Jersy's experiment with elimination of deer hunting. Famine in the deer population as it grew, increase in disease in the deer population and increase in related vectors that directly and adversly affect other animals and humans.
If you want to change the rights of gun ownership in the US have the courtesy to attack the problem head on. Make an attempt to change the 2d amendment. Legislation that violates the 2d Amendment is just an affront to the legal basis that supports all our laws. When you do, remember that over 50% of US housholds own guns, legally. Guns are _so_ easy to manufacture that a plant in NJ was set up by organized crime and operated for years creating blackmarket firearms. We dropped (in WWII) leaflets showing how with simple mechanics tools a reliable fully automatic weapon (the so called "grease guns") could be made my resistance fighters. Make sure you address all the potential avenues for criminal creation of firearms when you try to make a legal ban of them. And then consider what other rights you have to give up to allow enforcement of those provisions to assure crimminals don't have firearms. And consider those who legally use a firearm in self-defense and assure a way to protect all the citizens all the times. I see very large budget increases for the new police state you'll need to implement this.
Feel free to mode this down along with the parent. Now if only he'd have suggested RFIDs in bullets or handguns
- Tjp
I am in wallow with my inner money grubbing capitalistic pig. ... Oink!